Ransomware Attack Linked to NSA Breach

by John Lister on May 28, 2019 at 01:05PM EDT

The National Security Agency (NSA) is refusing to comment on claims a tool it developed has been used in a ransomware attack on the Baltimore city government. The New York Times says the attackers used a tool called "EternalBlue."

The attackers have encrypted Baltimore government systems and demanded between $76,000 and $114,440 (depending on the account) to restore access. Officials have refused to pay and used workarounds including some manual processing of files and switching to Gmail for internal communications.

It seems the attack was carried out using EternalBlue, which is designed to exploit a bug in Windows XP and Vista. Though that bug was quickly fixed once EternalBlue became public knowledge, some users haven't applied the update, apparently including Baltimore's officials.

Of course, one irony is that organizations still using the hugely outdated XP and Vista probably aren't exactly doing a perfect job of keeping systems up to date. (Source: bbc.co.uk)

Stolen Spy Tool Used For Attacks

EternalBlue is particularly dangerous as it allows hackers to execute code remotely on a machine, which can be used for all manner of disruptive activity from stealing data to disabling a computer. It's known to have been used for several key attacks worldwide including the WannaCry ransomware and NotPetya, a targeted attack against Ukraine's infrastructure and financial system.

While a group known as the ShadowBrokers made EternalBlue publicly available and thus enabled such attacks, many security experts believe the group didn't develop the tool.

NSA Kept Windows Bug Secret

Instead, the theory is that the group stole the tool from the National Security Agency, whose own communications were compromised.

According to the Times, the NSA spotted the bug and developed the tool around 2012, using it to gain remote access to computers of people under surveillance. It reportedly didn't warn Microsoft about the bug for five years, until it discovered its own systems had been breached and the tool's existence leaked. (Source: nytimes.com)

What's Your Opinion?

If the story is true, was the NSA right to keep the Windows bug secret and use it to its own advantage? Should it bear some of the responsibility for the attackers going after the Baltimore government system? Do you have any sympathy with organizations who get hacked while running unsupported systems such as Windows XP?

"Do you have any sympathy with organizations who get hacked while running unsupported systems such as Windows XP"

Bloody right I do. The purulent filth that hacks computers is the bane of modern existence.
Imagine how good and convenient operating systems could be if development effort and processor time weren't being wasted on protection from these worthless oxygen thieves.

Public extermination of this vermin would go a long way towards improving life as we know it.

I believe it was John Foster Dulles who was a Sec of State for FDR who made the famous, or infamous, quote "Gentlemen don't read other gentlemen's mail" when queried about military intelligence gathering.

The Zimmermann Letter comes to mind. Only the truly naive amongst us want to be blindsided by another country meddling in their affairs.

Hence, "They do it to us and we do it to them" is but one way of trying to maintain our national integrity and sovereignty.